aspose file tools*
The moose likes Sockets and Internet Protocols and the fly likes requesting suggestions on  topics for project on network security using Java(final year project) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "requesting suggestions on  topics for project on network security using Java(final year project)" Watch "requesting suggestions on  topics for project on network security using Java(final year project)" New topic
Author

requesting suggestions on topics for project on network security using Java(final year project)

angshuman banerjee
Greenhorn

Joined: Feb 05, 2009
Posts: 6
hi everyone..i am an undergrad computer engineering student and i am about to start my final year project ,..i will be very much obliged if you suggest me some topics in network security where i can use Java . I really want this to be a good work, but i am feelig a little confused while picking the topic(i will talk to my teacher ,but seeing your level of experience,i really want your suggestions before i move on to that)

hope , you will kindly give me some suggestions

waiting for your reply....
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 8997
    
    9

Network security is an enormous topic. Can you narrow down the scope of your project for us? Did your teacher give you any guidance on what your project should demonstrate?


[How To Ask Questions On JavaRanch]
angshuman banerjee
Greenhorn

Joined: Feb 05, 2009
Posts: 6
sir, i have basic knowledge of networking,besides i know core java, jsp , servlet very well..the problem is that i am new to java network programming(just started learning it) so i really have little idea of how to be more specific

however, i thought of topics like web crawler or vpn implementation or anything related to using Encryption features on network security..but as i know very little ,that is why i am asking for help,so that you can suggest me some specific topics on the above mentioned ones



another problem is my instructor does not know JAVA well,she insists on using C (i am not comfortable with C , and i like JAVA so..) by showing limitations of JAVA in network programming, by the time i will change my instructor,it will be late for proect topic submission

i want it to be on an important topic and i am solely dependent on you people on this
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 8997
    
    9

We just had a discussion on networking projects. Do any of those projects sound interesting?
A web crawler is fairly trivial. I couldn't see making a project out of it unless you added a twist, like loading a web site into Lucene for searching.
I'd think VPN would be out-of-scope for Java. Java is designed for cross-platform application programming so the socket implementation is not as complete as C's.
A chat server is a popular network project. You could add security flavor by incorporating digital signatures so you can detect spoofed/altered messages. If you want to get fancy, you could add whiteboard functionality, rooms (with per-user permissions, of course), moderators who can allow/refuse message or boot users and so on.
angshuman banerjee
Greenhorn

Joined: Feb 05, 2009
Posts: 6
sir , thanks to you for the link, i read it thoroughly.Email server and Chat Servers are taken already, so i will not be able to work on that, although Bittorrent client looks interesting enough(although how you relate network security to it?).But, online reservation system, i think it will be more JSP oriented , even if i talk about its security features , than socket based application.

i thought SSL and HTTPS implementations were possible in JAVA ,that is why i thought it might be possible to implement VPN in JAVA



Well, i really like to work on some anti-hacking mechanisms..anything on that?

FYI i will be performing it on an isolated LAN,The college LAN,not on internet(except if it was VPN)
Rusty Shackleford
Ranch Hand

Joined: Jan 03, 2006
Posts: 490
How about a packet sniffer? If you are more interested in the defense side of things, you can see if you can make your program detect possible recon probes, such as a fin and ACK packet from an address that never properly set up a TCP connection. Could also see if you can detect ICMP traffic, port scans, etc. To do this properly is very complex(see Snort), but can be simplified down to something manageable. An issue is whether or not your lan is routed or switched, if it is the latter you may need to arp poison or run this on a machine acting like a firewall or gateway. Generally, promiscuous mode is useless in a switched network, unless of course you only care about monitoring one node.

A program that tries to probe and penetrate firewalls, AKA firewalking.

A TCP or UDP based traceroute program? This is very simple, and part of a firewalking program.

Write a program that sets up a man in the middle attack, there is at least one Java program out there that can do this: Paros.

These require access to raw packets, something that is not supported officially in Java, but there are implementations that utilize the libpcap and libnet libraries.

Write a Java based fuzzer(automated vulnerability discovery) against a single network protocol: FTP, HTTP, etc. This might require raw packets.

It is not really security related, but you could use raw packets and implement TCP/IP.

Getting back to the java.net package, you could take the Datagram classes and make them more reliable(AKA implement TCP over a UDP implementation.

For Bittorrent, you could try to exploit it in some manner. This might be a bit much for a single project.


"Computer science is no more about computers than astronomy is about telescopes" - Edsger Dijkstra
angshuman banerjee
Greenhorn

Joined: Feb 05, 2009
Posts: 6
Mr. Shackleford ,each of your suggestions look pretty interesting,sir. But, i am a complete newbie in java network programming(although i did my SCJP 1.4 in aug,'08 and i know j2se very well) and have 3 months to accomplish it (it is not the one year project and it will be a 2 person team)...which one would you advice among the ones you mentioned?

i liked fuzzer and firewalking..i am trying to gather information on these two as much as i can.

thanks to you both , again
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 8997
    
    9

angshuman banerjee wrote:But, online reservation system, i think it will be more JSP oriented , even if i talk about its security features , than socket based application.


If we were talking about 'real world' interfaces to the public it would make sense to use JSP, but imagine a travel agency client-server system. Or a hotel call center. There are some interesting authentication, authorization and concurrency features you could explore.
When I took the SCJD, the project I was given was a client-server airline reservation system with a Swing GUI.
Those are some good ideas from Rusty, too. It depends on where you want to study and apply security, at the network level or the application level (I told you it was a big field).
Rusty Shackleford
Ranch Hand

Joined: Jan 03, 2006
Posts: 490
It is hard to guess what would be better without knowing you and your partner.

I would say:

traceroute-Probably too easy for a senior project
Firewalking-The trick is getting your program figure out if it has reached a firewall
Packet sniffer/intrusion detection - As long as you clearly restrict and define what you are searching for
fuzzer - IF you wrote it for a simpler API such as FTP, or even simple FTP

If you understand threads and IO in Java and basic network concepts, network programming won't be a huge leap for you. You would need to sort out raw packet capturing/injection for most of these. A flawed but decent library(and it is open source if you need to tweak it) that can send and receive raw packets is Jpcap.

After you do a little research take them to your teacher and he/she will be able to guide you better.
angshuman banerjee
Greenhorn

Joined: Feb 05, 2009
Posts: 6
thanks for the adivce
i am actually thinking of web crawler again
like Mr Ess i also thought it would be trivial as a project ..but now i see there is a possibility that i can incorporate artificial intelligence concepts and regulr expressions to it to make an interesting one(or at least i hope so)

well , i am keeping java based fuzzer as second option(thanks to you)

what do you think?
Rusty Shackleford
Ranch Hand

Joined: Jan 03, 2006
Posts: 490
How familiar are you with soft computing? If you have some background it should be OK.

Are you going to incorporate security into it?

There has been a little work done with fuzzers and soft computing, mainly genetic algorithms to ensure thorough execution path coverage. I am convinced neural networks and fuzzy logic can be incorporated into it as well to better detect exploitable situations. It is fairly bleeding edge stuff though, and probably well beyond the scope of an undergrad project. I toyed around with for my masters thesis, but I am not sure it is doable in the 10 months I have left before I am hoping to graduate.

Ideally your project should be a culmination of your undergrad work and something that you could use as an example of your work for job interviews.
angshuman banerjee
Greenhorn

Joined: Feb 05, 2009
Posts: 6
i really don't know much about fuzzy logic or neural network..i read regular expressions a bit in Automata when i was in 6th semester. My final year optional subjects have been information theory and coding , data compression & cryptography and mobile communications..before that i read electronics , circuit theory, dbms,data structures, communications systems, engineering mathematics,C ,JAVA, J2EE , multimedia ,automata, software engg (only the relevent ones i mentioned)..and also i passed SCJP 1.4 with 95%

i think now you have a more clear picture of what i already know..hope you don't get bored by the long list of subjects

whatever you say, you have done enough for me already
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: requesting suggestions on topics for project on network security using Java(final year project)